Which offers best protection?

  • Comodo Firewall w/ HIPS

    Votes: 25 35.2%
  • ReHIPS

    Votes: 8 11.3%
  • NoVirusThanks EXE Radar Pro

    Votes: 2 2.8%
  • VoodooShield

    Votes: 24 33.8%
  • Kaspersky w/ TAM

    Votes: 5 7.0%
  • Avast w/ Hardened Mode

    Votes: 2 2.8%
  • Other (please mention below)

    Votes: 5 7.0%
  • Total voters
    71

FleischmannTV

Level 7
Verified
Trusted
tried to do that yesterday, but CFW trashed my browser. It would not let chrome load my profile. I installed CFW, right away put it in proactive mode, and boom, chrome is broken.
30 hours later, and 0 replies on comodo help forum.
any ideas what to do?
Do you have the AppContainer flag enabled in chrome://flags? If so, then the injected cguard64.dll is probably making it crash. You have to go to HIPS options and add chrome.exe to the exceptions under "Detect shellcode injections". Yes, making that exception is still necessary, even if that option or the entire HIPS is disabled.
 
D

Deleted member 178

Do you have the AppContainer flag enabled in chrome://flags? If so, then the injected cguard64.dll is probably making it crash. You have to go to HIPS options and add chrome.exe to the exceptions under "Detect shellcode injections". Yes, making that exception is still necessary, even if that option or the entire HIPS is disabled.
Must be done as well with other security softs like HMPA or other anti-exploit softs.
 
  • Like
Reactions: shmu26

Av Gurus

Level 29
Verified
Trusted
Malware Hunter
Do you have the AppContainer flag enabled in chrome://flags? If so, then the injected cguard64.dll is probably making it crash. You have to go to HIPS options and add chrome.exe to the exceptions under "Detect shellcode injections". Yes, making that exception is still necessary, even if that option or the entire HIPS is disabled.
I have Chrome with Appcontainer enabled and run Comodo Firewall with no problem, also in Comodo sandbox no problem.
 
  • Like
Reactions: shmu26

shmu26

Level 83
Verified
Trusted
Content Creator
tried to do that yesterday, but CFW trashed my browser. It would not let chrome load my profile. I installed CFW, right away put it in proactive mode, and boom, chrome is broken.
30 hours later, and 0 replies on comodo help forum.
any ideas what to do?
Tried again today, and I didn't have problems.
the only real difference I can point to is that last time, I was running Avira AV, and this time, Windows Defender.
I do have appcontainer enabled.
 
  • Like
Reactions: Deleted member 2913
D

Deleted member 2913

Tried again today, and I didn't have problems.
the only real difference I can point to is that last time, I was running Avira AV, and this time, Windows Defender.
I do have appcontainer enabled.
I use proactive + customization And no probs with Chrome or etc...
I use CFW only, no AV, 3rd party AV, WD, etc...
 
  • Like
Reactions: BugCode and shmu26

shmu26

Level 83
Verified
Trusted
Content Creator
I use proactive + customization And no probs with Chrome or etc...
I use CFW only, no AV, 3rd party AV, WD, etc...
My new problem with Chrome and CFW is that every time I start up Chrome, my Norton Family extension wants to run a batch file with a random name, and Comodo doesn't like that. If I enable autosandbox, the command gets sandboxed. And if I use only HIPS, I get a series of prompts. Can't whitelist it because the name of the batch file changes every time.
 
  • Like
Reactions: Deleted member 2913
D

Deleted member 2913

My new problem with Chrome and CFW is that every time I start up Chrome, my Norton Family extension wants to run a batch file with a random name, and Comodo doesn't like that. If I enable autosandbox, the command gets sandboxed. And if I use only HIPS, I get a series of prompts. Can't whitelist it because the name of the batch file changes every time.
I am using Sticky Password on Chrome 64 Bits portable And when I run Chrome, a batch file related to Sticky Password is autosandboxed everytime BUT Sticky Password runs & works fine for me...
 
5

509322

My new problem with Chrome and CFW is that every time I start up Chrome, my Norton Family extension wants to run a batch file with a random name, and Comodo doesn't like that. If I enable autosandbox, the command gets sandboxed. And if I use only HIPS, I get a series of prompts. Can't whitelist it because the name of the batch file changes every time.
If I recall correctly, I think COMODO supports the use of wildcards in a file path - the same as NVT ERP when whitelisting command lines.
 
  • Like
Reactions: shmu26

_CyberGhosT_

Level 53
Verified
Trusted
Content Creator
Voted for ReHIPS, but if i had to choose an anti-exe with default settings out of the box, i would say AppSamvid, its fairly new product and I start to think that it's so simple that my mom could even learn it, i want to believe its future and continous development. :)
Thats that new Gvmt solution from India isn't it ?
What do you think of it, and how are you liking that, is it as effective as VS ?
 

shmu26

Level 83
Verified
Trusted
Content Creator
If I recall correctly, I think COMODO supports the use of wildcards in a file path - the same as NVT ERP when whitelisting command lines.
Comodo 10 has a new and innovative way of handling command lines, it extracts the code and creates from it a unique Comodo batch file with a random name, and then sandboxes that batch file when it runs. All such files are stored in the same Comodo folder (you might call this folder a "junkpile"). So if you wildcarded it, you just whitelisted every possible command line.
 
5

509322

Comodo 10 has a new and innovative way of handling command lines, it extracts the code and creates from it a unique Comodo batch file with a random name, and then sandboxes that batch file when it runs. All such files are stored in the same Comodo folder (you might call this folder a "junkpile"). So if you wildcarded it, you just whitelisted every possible command line.
I know a little about the feature you describe. I didn't mean to imply wildcard the .bat file - but I mistakenly said use a wildcard in the file path. What I meant was whitelist the command line using a wildcard if the argument randomly changes every time.

If I recall correctly, there is a way to whitelist command lines - or at least there used to be. It's been a long time so I could be mistaken and thinking of a different product. Anyway, even if you can whitelist a command line, that feature might ignore the allow rule and still sandbox the .bat.

What I am indirectly suggesting is that you might want to ask around about command line whitelisting in COMODO.
 
  • Like
Reactions: shmu26 and erreale

shmu26

Level 83
Verified
Trusted
Content Creator
I know a little about the feature you describe. I didn't mean to imply wildcard the .bat file - but I mistakenly said use a wildcard in the file path. What I meant was whitelist the command line using a wildcard if the argument randomly changes every time.

If I recall correctly, there is a way to whitelist command lines - or at least there used to be. It's been a long time so I could be mistaken and thinking of a different product. Anyway, even if you can whitelist a command line, that feature might ignore the allow rule and still sandbox the .bat.

What I am indirectly suggesting is that you might want to ask around about command line whitelisting in COMODO.
I actually asked around a little over there, and I saw some user discontent about this new feature. They are basically in damage control mode, until they figure out how to fix it. (I think I hear you chuckling...)
 
D

Deleted Member 3a5v73x

Thats that new Gvmt solution from India isn't it ?
What do you think of it, and how are you liking that, is it as effective as VS ?
Yes AppSamvid - An Application Whitelisting Software After watching @cruelsister test on it
and after some testing myself in VM i gave it a try on production machine alongside Webroot, (now trying EIS) and not have run into any problems whatsoever, even though AppSamvid is in early stage I believe updates will come throughout 2017 year and make it even better than it is now, I have encountered only UI glitches so far, even though AppSamvid may not be as complete as Voodooshield is (feature wise) I think it will become very strong anti-exe/whitelisting product, simple, yet effective, without fancy "Ai" stuff inside it. I like software without attractive looks what does what it is supposed to do, and so far I am satisfied how AppSamvid works. I think its too early to say how "effective" it is, not much time have passed yet and not so many know about AppSamvid yet. I think only those who need something more simplier than VoodooShield will switch to AppSamvid, I can't think of any other reason right now.
 
5

509322

I actually asked around a little over there, and I saw some user discontent about this new feature. They are basically in damage control mode, until they figure out how to fix it. (I think I hear you chuckling...)
I mentioned somewhere on MT that this new feature would cause user discontent.
 
  • Like
Reactions: shmu26

Telos

Level 16
Verified
Content Creator
I am using Sticky Password on Chrome 64 Bits portable And when I run Chrome, a batch file related to Sticky Password is autosandboxed everytime BUT Sticky Password runs & works fine for me...
Try this... In CFW's HIPS settings, uncheck "Do heuristic command-line analysis for certain applications" [uncheck this even if "Enable HIPS" is unchecked. Solved it for me]

My new problem with Chrome and CFW is that every time I start up Chrome, my Norton Family extension wants to run a batch file with a random name, and Comodo doesn't like that. If I enable autosandbox, the command gets sandboxed. And if I use only HIPS, I get a series of prompts. Can't whitelist it because the name of the batch file changes every time.
I'm not familiar with Norton Family extension, but I suspect the same issue as with Sticky Password above. Easy enough to try anyway.
 

_CyberGhosT_

Level 53
Verified
Trusted
Content Creator
Yes AppSamvid - An Application Whitelisting Software After watching @cruelsister test on it
and after some testing myself in VM i gave it a try on production machine alongside Webroot, (now trying EIS) and not have run into any problems whatsoever, even though AppSamvid is in early stage I believe updates will come throughout 2017 year and make it even better than it is now, I have encountered only UI glitches so far, even though AppSamvid may not be as complete as Voodooshield is (feature wise) I think it will become very strong anti-exe/whitelisting product, simple, yet effective, without fancy "Ai" stuff inside it. I like software without attractive looks what does what it is supposed to do, and so far I am satisfied how AppSamvid works. I think its too early to say how "effective" it is, not much time have passed yet and not so many know about AppSamvid yet. I think only those who need something more simplier than VoodooShield will switch to AppSamvid, I can't think of any other reason right now.
Ok, Thanks for taking the time to reply brother ;)
 
D

Deleted member 2913

Try this... In CFW's HIPS settings, uncheck "Do heuristic command-line analysis for certain applications" [uncheck this even if "Enable HIPS" is unchecked. Solved it for me]
I know that But I dont want to uncheck protection especially when I dont have probs i.e batch file is autosandboxed but Sticky Password works fine for me...
 
  • Like
Reactions: shmu26